[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Newbie question: setting userPassword field

To: John Kristian <kristian@netscape.com>
Subject: Re: Newbie question: setting userPassword field
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Mon, 07 Feb 2000 12:31:08 -0800
Cc: Dan <dan@fatcanary.com.au>, openldap-software@OpenLDAP.org
In-reply-to: <389F1C57.17DB453@netscape.com>
References: <NDBBJHPHJMPNFPEJOKGOMEHOCAAA.dan@fatcanary.com.au>

At 11:26 AM 2/7/00 -0800, John Kristian wrote:
>> I wish for [the UserPassword] field to be stored and retrieved in an
>> encrypted format.
>
>You mean hashed, with {crypt} or {SHA} (for example), I assume.
>
>> ... can I send the server an unencrypted password, then automatically have it
>> encrypt it for storage?
>
>Netscape Directory Server will do this.  OpenLDAP would not, last time
>I checked.  But perhaps this feature has been added recently.  Anyone?

No.  OpenLDAP 1.x recognized hashed values but will not generate them.
We have no plans to add any new features to OpenLDAP 1.2.

For OpenLDAP 2.0, for compatibility with RFC 2256, we are introducing
new mechanisms for storing and changing user passwords.  See:
  http://search.ietf.org/internet-drafts/draft-zeilenga-ldap-authpasswd-00.txt 
  http://search.ietf.org/internet-drafts/draft-zeilenga-ldap-passwd-exop-00.txt

Please direct comments regarding these drafts as indicated in the drafts.

	Kurt

Follow-Ups:
- RE: Newbie question: setting userPassword field
  - From: "Dan" <dan@fatcanary.com.au>

References:
- Newbie question: setting userPassword field
  - From: "Dan" <dan@fatcanary.com.au>
- Re: Newbie question: setting userPassword field
  - From: John Kristian <kristian@netscape.com>

Prev by Date: Re: Newbie question: setting userPassword field
Next by Date: Re: Newbie question: setting userPassword field
Index(es):
- Chronological
- Thread